8 Takeaways from IBM’s Cost of a Data Breach Report (2024)

by | Sep 17, 2024 | Business Continuity

7 min read

I look for this report every year. It’s not only interesting, but highly valuable. IBM’s annual Cost of a Data Breach Report gives IT, risk management, and security/compliance leaders important facts and numbers to help us all make better decisions. It also helps us understand our risks and where to invest in security.

It was hard to select only 8. I actually started with a goal of 7 (more on that later). I decided to choose what I thought would be the most valuable data points for readers. So, if you don’t have time to read the entire report published by IBM (46 pages), read this post (7 minutes) if nothing else.

About the Report

This year’s report (the 19th in the series) highlights the increase in cost of breaches, changes in technology, the increase in shadow data, insider threats, and how business disruptions from data breaches are affecting companies more than before.

This report was created independently by the Ponemon Institute and sponsored and published by IBM. Researchers looked at 604 organizations that had data breaches between March 2023 and February 2024. They gathered data from 17 different industries across 16 countries and regions, studying breaches that affected between 2,100 and 113,000 records. To get a better understanding, researchers interviewed 3,556 security and business leaders who had firsthand experience with data breaches at their companies.

1. Increase in Data Breach Costs

The global average cost of a data breach rose 10%, from $4.45 million in 2023 to $4.88 million in this year's report. That is the largest year-over-year jump since the pandemic began, and it shows that businesses are struggling even more to deal with the fallout from these incidents.

Many companies said that the biggest costs came from losing customers and having their business operations disrupted. When a breach happens, it can cause systems to go down – leading to production delays and unhappy customers. These issues often take a lot of time and money to resolve. Besides that, businesses often have to pay regulatory fines, hire experts to investigate the breach, and spend on new technology to prevent future attacks.

Source: IBM CODB Report 2024

2. Healthcare is Still the Most Expensive Sector

Healthcare is still the most expensive industry for data breaches, with an average cost of $9.77 million per incident. The sector has topped the list since 2011, and it remains a prime target for cybercriminals. The sensitive nature of healthcare data, such as patient records and insurance details, makes these breaches especially damaging. Even a small breach can lead to huge costs due to legal actions, fines, and the risk of identity theft for patients.

Hospitals and healthcare providers also struggle with older, outdated technology systems that make it easier for hackers to get in. This year’s (slight) drop in costs doesn’t change the fact that healthcare organizations need to continue improving their cybersecurity defenses, though.

Source: IBM CODB Report 2024

3. AI and Automation Help Save Money

I hate to be Captain Obvious with that title above, but we all know how fast AI is helping with automation – and AI is advancing at breakneck speed. Companies that used AI and automation extensively in their security operations saved an average of $2.2 million per breach compared to those that didn't use them at all. These tools can quickly detect unusual behavior in networks and respond to threats before they become bigger problems.

With AI, companies can also reduce the time it takes to identify and contain a breach, which means less data is exposed and less damage is done. AI and automation tools can handle tasks like monitoring traffic and analyzing threats 24/7, something that’s hard for human teams to do by themselves. This means companies are more likely to catch breaches early, and the costs of fixing the problem can be lower.

4. Business Disruptions Worsen After Breaches

Data breaches don’t just lead to financial costs – they can also cause major disruptions to business operations. In this year’s report, 70% of organizations said they faced significant disruptions because of a breach. This means they experienced things like system shutdowns, delays in serving customers, or problems completing transactions.

These disruptions can hurt a company's reputation and lead to losing customers to competitors. Recovering from them is not easy: only 12% of organizations said they had fully recovered from their breach at all, and most of those needed more than 100 days to get back on track.

The longer it takes to recover, the more expensive it gets, as businesses continue losing revenue and spending money to fix problems. Be sure to check out David's post on ensuring business continuity success!

5. Malicious Insider Attacks Are the Most Costly

Data breaches caused by insiders (such as employees or contractors misusing their access to data) tend to be more costly than those caused by outsiders. Malicious insider attacks were the most expensive initial attack vector in the report, at an average of $4.99 million per breach.

These attacks are hard to detect because the person responsible is someone who already has access to the company’s systems. They might steal data to sell it or leak confidential information to hurt the company. The damage caused by these attacks can be huge because the insider knows the company’s weaknesses.

The costs also include money spent on investigations, legal fees, and sometimes having to pay to recover stolen data!

6. Shadow Data Adds to the Problem

I despise shadow data. Shadow data is data that isn’t managed. Shadow data is data that isn’t tracked. Shadow data is data that isn’t secured properly. Shadow data is… well, you get the point. I’m writing a blog post just on this topic soon – but for now, you can read this one by CSA (after you finish reading my post here, of course).

This can happen when employees store information in unauthorized places, like personal devices or unapproved cloud services. About 35% of data breaches involved shadow data, making it a growing concern for businesses.

Shadow data often goes unnoticed by IT departments, so when a breach happens, it takes much longer to identify and fix the problem. These breaches cost an average of $5.27 million, which is 16% higher than the cost of breaches without shadow data.

Make sure you have good data management strategies and strict policies to track where your data is stored – and how it’s being used.

7. Credential-Based Attacks Are Hard to Detect

Attacks involving stolen credentials, such as usernames, passwords, or security tokens, are one of the most common and dangerous types of breaches. These attacks made up 31% of all breaches and took the longest to detect and contain, with an average of 292 days!

Because the attacker logs in with valid credentials, nothing looks broken: no exploit fires, no malware signature trips, and the activity shows up in the logs as a normal user session. That is what lets attackers move around the network and steal more information over time, and the longer they go unnoticed, the more damage they do. Catching this kind of breach means looking at how an account is being used (where it logs in from, when, and what it touches) rather than just whether the login succeeded. Once a breach is found, companies often have to reset passwords across the board, review access logs, and implement stricter controls such as MFA to prevent further attacks. That takes a lot of time and resources, which means money.
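As an added example (this is not code from the post or from IBM's report), the script below shows the kind of behavioral check that can surface valid-credential abuse in authentication logs. It parses a constructed, hypothetical key=value log format and applies three rules: a successful login from a source IP that just produced a burst of failed attempts (password spraying or credential stuffing), a login from a country the user has never logged in from before, and two successful logins from different countries closer together than a person could travel. The usernames, IPs, countries and thresholds are all assumptions chosen for illustration.

```python
"""Flag suspicious use of valid credentials in authentication logs.

Added example. The log format below is a constructed, hypothetical one;
field names, thresholds and sample data are assumptions, not taken from
the IBM report or any particular product.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass
class Event:
    ts: datetime
    user: str
    ok: bool       # True for a successful login
    ip: str
    country: str


def parse_line(line: str) -> Event:
    """Parse one constructed log line: '<ISO timestamp> key=value ...'."""
    ts_str, *pairs = line.split()
    fields = dict(p.split("=", 1) for p in pairs)
    ts = datetime.strptime(ts_str, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return Event(ts, fields["user"], fields["result"] == "success",
                 fields["src_ip"], fields["country"])


def detect(lines, travel_window=timedelta(hours=1),
           fail_burst=5, burst_window=timedelta(minutes=10)):
    """Return (rule, user, detail) alerts for the given log lines.

    Rules:
      success_after_failures - a success from an IP with >= fail_burst
                               failures (any user) inside burst_window
      new_country            - first successful login from a country not in
                               the user's baseline of earlier countries
      impossible_travel      - two successes from different countries for
                               one user within travel_window
    """
    events = sorted((parse_line(l) for l in lines), key=lambda e: e.ts)
    alerts = []
    seen_countries = defaultdict(set)   # user -> countries seen in successes
    last_success = {}                   # user -> most recent successful Event
    recent_fails = defaultdict(list)    # src_ip -> timestamps of failures

    for e in events:
        if not e.ok:
            recent_fails[e.ip].append(e.ts)
            continue

        # Rule 1: success right after a burst of failures from the same IP.
        # Failures are tracked per IP, not per user, so a spray across many
        # accounts that finally lands on one is still caught.
        fails = [t for t in recent_fails[e.ip] if e.ts - t <= burst_window]
        recent_fails[e.ip] = fails
        if len(fails) >= fail_burst:
            alerts.append(("success_after_failures", e.user, e.ip))

        # Rule 2: country never seen before for this user. The first login
        # seeds the baseline, so a real deployment should build the baseline
        # from a trusted historical window rather than from live traffic.
        if seen_countries[e.user] and e.country not in seen_countries[e.user]:
            alerts.append(("new_country", e.user, e.country))

        # Rule 3: impossible travel between consecutive successes.
        prev = last_success.get(e.user)
        if prev and prev.country != e.country and e.ts - prev.ts <= travel_window:
            alerts.append(("impossible_travel", e.user, f"{prev.country}->{e.country}"))

        seen_countries[e.user].add(e.country)
        last_success[e.user] = e
    return alerts


# Constructed sample log (hypothetical users, IPs from documentation ranges).
SAMPLE_LOG = [
    "2024-05-01T08:00:00Z user=alice result=success src_ip=203.0.113.10 country=US",
    "2024-05-02T09:00:00Z user=alice result=success src_ip=203.0.113.10 country=US",
    "2024-05-02T09:30:00Z user=alice result=success src_ip=198.51.100.7 country=DE",
    "2024-05-03T01:00:00Z user=dave result=failure src_ip=192.0.2.55 country=NL",
    "2024-05-03T01:01:00Z user=erin result=failure src_ip=192.0.2.55 country=NL",
    "2024-05-03T01:02:00Z user=frank result=failure src_ip=192.0.2.55 country=NL",
    "2024-05-03T01:03:00Z user=bob result=failure src_ip=192.0.2.55 country=NL",
    "2024-05-03T01:04:00Z user=bob result=failure src_ip=192.0.2.55 country=NL",
    "2024-05-03T01:05:00Z user=bob result=success src_ip=192.0.2.55 country=NL",
    "2024-05-04T10:00:00Z user=carol result=success src_ip=203.0.113.20 country=US",
    "2024-05-06T11:00:00Z user=carol result=success src_ip=198.51.100.9 country=FR",
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

On the sample data this flags alice's Germany login twice (new country and impossible travel), bob's success from the IP that just sprayed four other accounts, and carol's first login from France. None of these events would be caught by a control that only checks whether the password was right; the point is that the baseline and the timing are the signal when the credentials themselves are valid.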

8. Complex Security and Staff Shortages Make Breaches Cost More

As I mentioned up top, this blog post started with the goal of "7 Takeaways" but I just had to include this one – making it 8 – because security systems that are too complex are often ineffective.

The report lists security system complexity among the factors that most increase the cost of a breach, and it puts the average cost for organizations with a severe security staffing shortage at $5.74 million per breach, well above the $4.88 million global average.

When security systems are too complex, it’s easier for things to go wrong (like configuration errors or gaps in protection). On top of that, the ongoing shortage of cybersecurity professionals makes it hard for companies to respond quickly to threats and manage their defenses.

If your company is like this, then you should consider investing in training your current staff and also consider simplifying your security setup to reduce risks. This makes it a lot easier to spot and fix problems when they happen.

Conclusion

I've only touched on a few things that stood out to me. I encourage you to download the IBM Cost of a Data Breach Report (2024) and read it for yourself. It really highlights the growing financial impact of data breaches on organizations worldwide, and how much harder the consequences are becoming to manage.

AI and automation can help, but there are still significant gaps in cybersecurity strategies, such as dealing with shadow data and insider threats (security awareness training anyone?). Additionally, industries like healthcare continue to be prime targets due to their sensitive data and often outdated security systems.

As more companies pass breach costs onto customers and struggle with staff shortages, it becomes clear that organizations need to invest more in preventive measures and simplify their security setups.

My overall takeaway is that a focus on more proactive controls – combined with smarter use of technology and better data management – can help your company protect itself and reduce the costs associated with data breaches.

Oh – and when you are done poring through the entire report, go back and test your knowledge (link at left on desktop, or scroll down near bottom on mobile).